def test_create_for_new_role_id(self): role_id = 'new-id' lib.create_role(self.acls, role_id) self.assert_cib_equal(self.create_cib().append_to_first_tag_name( 'configuration', '<acls><acl_role id="{0}"/></acls>'.format(role_id)))
def test_create_for_new_role_id(self): role_id = 'new-id' lib.create_role(self.cib.tree, role_id) self.assert_cib_equal( self.create_cib().append_to_first_tag_name( 'configuration', '<acls><acl_role id="{0}"/></acls>'.format(role_id) ) )
def run_create_role(argv): if len(argv) < 1: raise utils.CmdLineInputError() role_id = argv.pop(0) description = "" desc_key = 'description=' if argv and argv[0].startswith(desc_key) and len(argv[0]) > len(desc_key): description = argv.pop(0)[len(desc_key):] permission_info_list = argv_to_permission_info_list(argv) cib = get_cib(get_cib_xml()) create_role(cib, role_id, description) add_permissions_to_role(cib, role_id, permission_info_list) replace_cib_configuration(cib)
def test_refuse_invalid_id(self): assert_raise_library_error( lambda: lib.create_role(self.cib.tree, '#invalid'), ( severities.ERROR, report_codes.INVALID_ID, {'id': '#invalid'}, ), )
def test_refuse_existing_role_id(self): role_id = 'role1' self.fixture_add_role(role_id) self.assert_raise_library_error( lambda: lib.create_role(self.cib.tree, role_id), ( severities.ERROR, error_codes.ACL_ROLE_ALREADY_EXISTS, {'id': role_id}, ), )
def test_refuse_existing_non_role_id(self): self.cib.append_to_first_tag_name( 'nodes', '<node id="node-id" uname="node-hostname"/>') assert_raise_library_error( lambda: lib.create_role(self.cib.tree, 'node-id'), ( severities.ERROR, report_codes.ID_ALREADY_EXISTS, { 'id': 'node-id' }, ), )
def test_refuse_existing_non_role_id(self): self.cib.append_to_first_tag_name( 'nodes', '<node id="node-id" uname="node-hostname"/>' ) assert_raise_library_error( lambda: lib.create_role(self.cib.tree, 'node-id'), ( severities.ERROR, report_codes.ID_ALREADY_EXISTS, {'id': 'node-id'}, ), )
def test_refuse_invalid_id(self): assert_raise_library_error( lambda: lib.create_role(self.cib.tree, "#invalid"), ( severities.ERROR, report_codes.INVALID_ID_BAD_CHAR, { "id": "#invalid", "id_description": "ACL role", "invalid_character": "#", "is_first_char": True, }, ), )
def create_role(lib_env, role_id, permission_info_list, description): """ Create new acl role. Raises LibraryError on any failure. lib_env -- LibraryEnvirnoment role_id -- id of new role which should be created permission_info_list -- list of permissons, items of list should be tuples: (<read|write|deny>, <xpath|id>, <any string>) description -- text description for role """ with cib_acl_section(lib_env) as acl_section: if permission_info_list: acl.validate_permissions(acl_section, permission_info_list) role_el = acl.create_role(acl_section, role_id, description) if permission_info_list: acl.add_permissions_to_role(role_el, permission_info_list)
def create_role(lib_env, role_id, permission_info_list, description): """ Create new acl role. Raises LibraryError on any failure. lib_env -- LibraryEnvirnoment role_id -- id of new role which should be created permission_info_list -- list of permissons, items of list should be tuples: (<read|write|deny>, <xpath|id>, <any string>) description -- text description for role """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) if permission_info_list: acl.validate_permissions(cib, permission_info_list) role_el = acl.create_role(cib, role_id, description) if permission_info_list: acl.add_permissions_to_role(role_el, permission_info_list) lib_env.push_cib(cib)